<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

class PasswordController extends Controller
{
  public function reset(Request $request)
  {
    $request->validate([
      'password_old' => 'required',
      'password' => 'required|confirmed',
    ]);
    $user = auth()->user();
    if (!password_verify($request->password_old, $user->password)) {
      fail('旧密码错误');
    }
    $user->password = bcrypt($request->password);
    $user->save();

    return success('ok');
  }

  public function reset2(Request $request)
  {
    $request->validate([
      'old' => 'required',
      'new' => 'required'
    ]);

    $user = auth()->user();

    if (!password_verify($request->old, $user->password)) {
      fail('原密码错误');
    }

    $user->password = bcrypt($request->new);
    $user->save();

    return success('ok');
  }

  public function resetSecurity(Request $request)
  {
    $request->validate([
      // 'old' => 'required',
      'new' => 'required'
    ]);
    $user = auth()->user();
    if ($user->security && $user->security != $request->old) {
      fail('原密码错误');
    }

    $user->security = $request->new;
    $user->save();

    return success('ok');
  }

  public function checkPassword(Request $request)
  {
    $user = auth()->user();
    if (password_verify($request->password, $user->password)) {
      return success('ok');
    }
    fail('登录密码错误');
  }

  public function checkSecurity(Request $request)
  {
    $user = auth()->user();
    if ($user->security == $request->password) {
      return success('ok');
    }
    fail('安全密码错误');
  }

  public function generateApiToken()
  {
    // $seller = seller();
    $user = auth()->user();

    $user->api_token = \Str::of(\Str::uuid())->replace('-', '');
    $user->save();

    return success($user->api_token);
  }
}
